feat(annex): semantic EMV2 model — typed error-propagations projection (REQ-EMV2-PROPAGATION-002, L1/4)#313
Merged
Merged
Conversation
…n (REQ-EMV2-PROPAGATION-002) Layer 1 of 4 for the EMV2 annex→instance integration foundation (#294). The EMV2 parser already produces a lossless Rowan CST, but downstream analysis (the fault-propagation traversal / Emv2Overlay) needs a SEMANTIC view. This adds crates/spar-annex/src/emv2/model.rs — `Emv2Model::from_syntax` lifting the CST into typed structs: `ErrorPropagation` (feature/kind, direction, negation, type set) and `ErrorFlow` (source/sink/path with incoming + outgoing points and types). Handles the grammar asymmetry: ERROR_PROPAGATION wraps its port in a FEATURE_OR_PP_REF node (recovered from node text), but flow propagation-points are BARE token sequences — recovered by a landmark-driven walk over ordered children (flow keyword starts the incoming point, `->` the outgoing point, and `{`/`when`/`if`/`;` end it). Oracle-first: 9 tests parse REAL annex bodies → assert the typed model (never a hand-built struct — the circularity that hides the #294 bug today). Includes a VERBATIM block from the bundled OSATE corpus (network_protocol_pkg.aadl) with propagation-KIND points (`bindings`, `connection`) plus a source + sink + path together. Scoped to the error-propagations section only; does NOT yet reach SystemInstance (that is layers 2-4). Traceability: TEST-EMV2-SEMANTIC-MODEL verifies REQ-EMV2-PROPAGATION-002 (umbrella stays proposed until L4 closes the end-to-end > 0-chains oracle; layer status noted on the requirement). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Rivet verification gate✅ 20/20 passed
Filter: Failed artifacts(none) Updated automatically by |
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Layer 1 of 4 for the EMV2 annex→instance integration foundation (#294, REQ-EMV2-PROPAGATION-002 — the user-directed v0.23 headline). The EMV2 parser already produces a lossless Rowan CST, but downstream fault-propagation analysis (the
Emv2Overlay, empty today → "0 chains" for every real model) needs a semantic view. This addscrates/spar-annex/src/emv2/model.rs:Emv2Model::from_syntaxlifting the CST into typed structs —ErrorPropagation(feature/kind, direction, negation, type set) andErrorFlow(source/sink/path with incoming + outgoing points and types).Scope correction (from the umbrella requirement)
#294's premise — that the fault tree and STPA bridge already read the annex — is false: those passes emit structural output and hardcode
"ServiceFailure". The annex is parsed but dropped at item-tree lowering and never threaded through instantiation. This is a 4-layer foundation; this PR is layer 1 (the parse-driven semantic model), and does not yet reachSystemInstance(layers 2–4: item-tree attach → instance projection → overlay populate + analyze-path wiring + end-to-end >0-chains oracle).Oracle-first
12 tests parse real annex bodies → assert the typed model (never a hand-built struct — the exact circularity that hides the bug today). Includes a verbatim block from the bundled OSATE corpus (
network_protocol_pkg.aadl) with propagation-kind points (bindings,connection) plus a source + sink + path together, and targeted cases for the landmark-walk edges (bare source stops at;,whenguard ends the point, a path's outgoing type set doesn't leak into the flow's incomingerror_types).Handles the grammar asymmetry:
ERROR_PROPAGATIONwraps its port in aFEATURE_OR_PP_REFnode, but flow propagation-points are bare token sequences recovered by a landmark-driven walk (flow keyword → incoming point,->→ outgoing,{/when/if/;→ end).Verification
cargo test -p spar-annex --lib model→ 12 pass; clippy + fmt clean.k == IDENT && name.is_empty()— a flow's first token is always its name IDENT, so&&/||never diverge on reachable input).TEST-EMV2-SEMANTIC-MODELverifiesREQ-EMV2-PROPAGATION-002.🤖 Generated with Claude Code